New Report Finds 81% of Defense SMBs Have Begun CMMC Compliance, Yet Struggle to Reach Certification


A staggering 81% of SMBs in the defense industrial base (DIB) have initiated the process for CMMC (Cybersecurity Maturity Model Certification) compliance, yet face significant hurdles in achieving certification levels, reveals a new report by RADICL.

The DIB Cybersecurity Maturity Report | 2024 surveyed 423 IT practitioners from companies with 101 to 250 employees, focusing on their cybersecurity practices, challenges, and status of CMMC compliance. This effort aimed to assess how these crucial businesses are preparing to defend against cyber threats and adhere to stringent security standards required by government defense contracts.

This finding is particularly eye-opening, as it highlights a critical gap in the readiness and capability of these SMBs to meet the required benchmarks for national defense security standards. It underscores the need for a comprehensive approach to cybersecurity that encompasses not just initial compliance but also continuous improvement and adaptation to evolving threats.

“This report should be a wake-up call for the Department of Defense, U.S. policymakers, and SMB CEOs. There are concerning gaps in the ability of SMBs to deter, detect and respond to cyberthreats. CMMC/NIST 800-171 compliance, which mandates fundamental IT security controls, is also behind pace,” said Chris Petersen, Co-Founder and CEO of RADICL. “In contrast, nation-state cyberthreats are not behind pace and will continue to compromise DIB SMBs, steal their data, and disrupt their operations.”

This speaks to the urgent necessity for ongoing education, support, and resources to bridge the gap in cybersecurity readiness. The path forward requires a concerted effort from all stakeholders, including government agencies, industry partners, and the SMBs themselves, to foster a more secure and resilient defense supply chain.

By prioritizing cybersecurity and advancing toward full CMMC compliance, DIB SMBs can not only protect themselves against sophisticated cyber adversaries but also contribute more effectively to the collective defense and security of the nation.

